
FBI: Russian Yahoo hack probably began with “spear phishing”

Mar 16, 2017

The hack that probably gave two Russian spies and two hackers access to 500 million accounts at Internet service Yahoo probably began with the “spear phishing” of an employee of the company. That employee was not a top executive, the FBI claims.

The employee did have access to internal systems that essentially showed the hackers the way to penetrate accounts, Ars Technica reports, based on an interview with an FBI employee. The Yahoo employee probably fell for “spear phishing,” a method of phishing that is focused on a single person or a single company. Because the phishing is tailored to the target, it is much more focused and the probability of success is greater than in a regular phishing attack.

With that method, or perhaps through social engineering, the defendants obtained the Yahoo employee's username and password, according to the FBI. They then found out that they could penetrate accounts without knowing or changing the password: they could use a tool to generate cookies based on a cryptographic number that Yahoo generates after login. Whoever has that cookie in the browser therefore has access to the account. Yahoo confirmed earlier that attackers using spoofed cookies had access to accounts.

Through this method the suspects gained access to over 6,500 accounts, according to US intelligence. Among them were accounts of American and Russian diplomats, Russian journalists and employees of US companies with sensitive information, US justice authorities claimed Wednesday. In total, the suspects could get access to half a billion accounts.

The four suspects are three Russians and a hacker with passports from Kazakhstan and Canada. They are 43, 44, 29 and 22 years old. It rarely happens that a country charges spies from other states over a hack. Of the four suspects, one has been arrested thus far. The hack took place from January 2014 and affected about five hundred million accounts. This hack is separate from that of August 2013, in which malicious parties were able to grab data from more than one billion accounts.